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Abstract. Collaborative editing consists in editing a common docu- 
ment shared by several independent sites. Conflicts occurs when dil- 
ferent users perform simultaneous uncompatible operations. Centralized 
systems solve this problem by using locks that prevent some modifica- 
tions to occur and leave the resolution of conflicts to users. Optimistic 
peer to peer (P2P) editing doesn't allow locks and uses a Integration 
Transformation IT that reconciliates conflicting operations and ensures 
convergence (all copies are identical on each site). Two properties TPl 
and TP2, relating the set of allowed operations Op and the transforma- 
tion IT, have been shown to ensure convergence. The choice of the set 
Op is crucial to define an integration operation that satisfies TPl and 
TP2. Many existing algorithms don't satisfy these properties and are in- 
correct. No algorithm enjoying both properties is known for strings and 
little work has been done for XML trees in a pure P2P framework. We 
focus on editing XML-like trees, i.e. unranked-unordered labeled trees 
also considered in the Harmony project. We show that no transforma- 
tion satisfying TPl and TP2 exists for a first set of operations but that 
TPl and TP2 hold for a richer set of operations, provided that some 
decoration is added to the tree. We show how to combine our approach 
with any convergent editing process on strings to get a convergent pro- 
cess. We have implemented our transformation using a P2P algorithm 
inspired by Ressel et al. whose correctness relies on underlying partial 
order structure generated by the dependence relation on operations. 
Keywords: Peer to Peer, Concurrent Processes, Collaborative Editing, 
Optimistic reconciliation, XML 



1 Introduction 



Collaborative edition is a concurrent process that allows separate 
users -sites- to work on the same data called a collaborative object 
using a set of defined operations. Distinct authors working on the 
same article, shared calendar, on-line encyclopedia are example of 
such processes. This activity can be centralized by a distinguished 
site that coordinates and resolves the confiicts that can arise from 



concurrent access to the same resource -for instance two sites want 
to insert two distinct character at the same position in a word-, 
hke in the subversion system (svn). A more hberal approach rehes 
on a peer to peer process (in short P2P) where the set of users in 
not fixed in advance and where no central site coordinates the pro- 
cess. Therefore conflict resolution is much more complex, especially 
when one has an optimistic approach that considers that each op- 
eration is meaningful and must be taken into account. A simpler 
solution that relies on priority attributed to users and undoing con- 
flicting operations can lead to a situation where only the operations 
of one user are performed and all other operations are discarded, 
which is the opposite of a cooperative work. Therefore a main is- 
sue in collaborative edition is to ensure convergence (i.e. each user 
gets the same copy of the shared data) in the optimistic framework. 
The Integration Transformation approach uses a operator IT that 
combines concurrent operations to get a new operation merging the 
effect of these concurrent operations to resolve the conflicts. Conver- 
gence is proved when this transformation enjoys two properties TPl 
and TP2. The problem is hard for linear structures like words and 
most algorithms proposed pUPDH] are non-trivial. Unfortunately re- 
cent works [3] show that these algorithm don't have the convergence 
property. Furthermore, few results have been obtained for tree-like 
structures in a pure P2P optimistic framework which is the basis 
for collaborative edition on XML-documents (the solution in [S] uses 
time-stamp, i.e. a central server). In this paper we concentrate on 
labeled unranked-unordered trees, called XML-like trees- which are 
already considered in the Harmony project [9] and also provides a 
close approximation to XML-documents (in many applications, the 
ordering on siblings on XML document is not relevant). Our first re- 
sults states that no IT transformation can exist for a first basic set of 
operations. Then we refine the data structure and we give a rich set 
of operations that allows to define an IT transformation satisfying 
TPl and TP2. The proof has been automated with the Vote sys- 
tem [2] which uses Spike, a theorem prover based on term rewriting. 
Then we show how to combine this data structure with another date 
structure for which a convergent algorithm exists to get convergence 
for the composed data structure. This results allows collaborative 



editing on a complex data structure combining a tree-like structure 
and other basic structure like words. 

Section [2] gives the basic definitions, section [3] describes the main 
basic data structures words and trees. Then we give the negative 
results for these collaborative objects in section |H The new tree-like 
collaborative object is given in section [5] as well as an integration 
transformation that ensures convergence. Combination of convergent 
algorithm are given in Section E] and Section [7] discusses implemen- 
tation issues. 

2 The Framework 

2.1 Collaborative Editing and Convergence 

A collaborative object consists of a type (calendar, XML document,. . . ) 
that defines the set of states, a set Op of operations and an opera- 
tor Do that applies an operation op to a state s (i.e. an element of 
the type) to get another state op{s) that is denoted by Do{s,op). 
For instance, the collaborative object word consists of S* the set of 
words on an alphabet S, operations InsCh(p,c) to insert character c 
at position p, and DelCh(p) to delete the character at position p and 
Do operation simply applies these deletion or insertion to the cur- 
rent state (which is some word). A sequence of operations is called 
an history and denoted by [opi, op2] . . . ; opn] and we use the notation 
[opi, op2] . . . ; opn]{s) to denote Do{. . . , Do{Do{s, opi), 0P2), . . . , opn) 
(apply opi first, then op2,. ■ ■)■ 

Collaborative editing is a special kind of concurrent programming 
on a shared collaborative object shared by distinct sites. Centralized 
systems like svn have a system of locks that prevent confiict^, but 
pure P2P systems have no centralization process that enforce each 
site to have the same data. The optimistic approach assumes that 
no operation is lost and the main issue is to ensure convergence, i.e. 
all sites eventually have the same copy of the shared object. 

Requests and computations. Each site generate local requests that 
consists of some operation op to execute on the shared object plus ad- 
ditional information (site identifier, operation number, history,. . . ). 

^ a user can be in conflict with the master copy, but conflict resolution is under user's 
responsibihty 



Each local request is broadcast to all other sites and we assume that 
no messages is lost and that the execution ordering doesn't exchange 
messages. Requests generated and received by each site are queued 
and extracted from the queue to be executed, i.e. the operation is 
performed on the current copy of the collaborative object. Local re- 
quests are linearly ordered and the execution of requests respects 
this ordering. Therefore requests can be causally related or concur- 
rent (requests generated independently by distinct sites) 

The causality relation and concurrent request. Let r\ be generated by 
site i and r2 generated by site j. The causality relation >- is defined 
by r\ >- r2 iff either i = j and r\ is generated before or i ^ j and 
the request rl is executed on site j before r^. The relation is a 
partial order and we say that two requests r and r' are concurrent, 
denoted by r || r', iff r ^ r' and r' )f- r. In the following, we identity a 
request and the operation it conveys, and we extend >- to operations. 

Concurrency may lead to conflicts: For instance two distinct sites 
insert different characters at the same position. These conflicts are 
solved using a transformational approach. Assume that a site s has 
performed operation op and that it receives an request containing op- 
eration op' that has been issued by another site s' concurrently to op 
(i.e. op II op'). Instead of executing op', the site s executes IT {op', op), 
the transformation of operation op' according to op. Meanwhile site 
s', which has executed op' and receives a request to execute op will 
execute IT {op, op'). 

The convergence property states that all sites share the same copy 
of the collaborative object after they have processed all requests. 

2.2 The Integration Transformation and the Convergence 
Theorem 

The Integration function IT takes two operations op2 issued by site2 
and opi issued by sitci and returns a operation IT{op2,opi) G Op 
that sitci executes. Meanwhile site2 executes IT{opi, 0P2). This inte- 
gration function IT is extended to integrate an operation with a set 
of concurrent operations (see [2]). The classical properties required 
for ensuring convergence are: 



TPl property states an equality on states 
[opi;IT{op2,opi)]{t) = [op2;IT{opi,op2)]it) 




IT{op2,opi) 
1 ti 



t 



IT{opi, op2) TPl implies t'l = i'a 



— TP2 property states an identity of operations: 

IT{IT{op, opi), IT{op2, opi)) = IT{IT{op, 0P2), IT{opi, 0P2)) 

Theorem 1 (|l ()|). If IT satisfies TPl and TP2 then the conver- 
gence property holds. 

A main issue in collaborative editing is, given a collaborative 
object, design an IT function that satisfies TPl and TP2. A related 
issue is to design the most expressive set of operations, such that 
there exists an IT satisfying TPl and TP2. The larger the set of 
operations, the better but extending the set of operations results in a 
combinatorial explosion when proving TPl and TP2. At the present 
time, no set of operations has been designed to handle XML-like 
documents in a pure P2P approach. 

2.3 An Abstract Description of Editing Algorithm 

Each site has a set of local variables i,s,h, . . . site identifier, current 
state of the shared object, history,. . . and an environment E is a set 
of values of these variables (for all sites) . A request is a tuple of values 
{i, opnb, op, . . .) (site identifier, operation numbering, operation,. . . . 
The set of environment is Snv and the set of request is TZeq. 

Local transitions are described by a transition function ipi : Op x 
Snv Snv that given an operation op G Op, a current environment 
E computes the new environment E' corresponding to the execution 
of op. The request vi sent to other sites is the value of some of the 
local variables. This process is described as (pi.lri. 

An external request Ve is followed by a local computation ipe '■ 
TZeqxSnv Snv updating the local variables (using the IT function 
but possibly other functions). This process is described as Ir^.^e- A 
collaborative editing algorithm on a collaborative object is described 
by Snv, TZeq, (pi, (pe (assuming that transformations like IT and pos- 
sibly other functions are already defined). 



Each site performs a non deterministic choice between the two 
processes and repeats this computation until all messages are pro- 
cessed. A computation is a sequence of ipi{op, E).\ri and lrf,.Lpf.{E) 
that results from an interleaving of the computations on each site 
respecting the causality relation. 



3 Words and Tree-like Data Structures 

In this section, we recall some known facts on words and set up a 
first approach for XML-like trees. 

The collaborative object word is given by the set of words on 
a finite alphabet E and the operations InsCh{p, c) that inserts a 
character c G at position p G Pos, DelCh{p) that deletes the 
character at position p G Pos and Nop{) where Pos is the set of 
positions i.e. sequences of integers. Several Transformations IT have 
been defined but none satisfies both TPl and TP2 (see section Hj). 
Some variants of this object use slightly a more elaborated data 
type and operations to keep track of operations performed at a given 
position or for a given character. 

The tree data structure that we define is already used in the 
Harmony project [H]. Let TV be a set of names, the set T of unordered 
unranked edge labeled trees is defined by the grammar: 

T : : = { } // Empty tree 

I {ni{T), ...,nm{T)] Ui eAf,ni^ rij li i ^ j / /Set of tree 

The definition ensures that two edges issued from the same node 
have different labels: i.e. a given label occurs at most once on sib- 
lings. Trees are unordered i.e., for any permutation cr, we have that 
{?T,i(ti), . . . = {n^(i)(t^(i)), . . . ,n^(m)(icT(m))}- In figures, we 

draw {} as a node, and we add a root node to a tree {ni(ti), . . . , rimitm)}- 

Example 1. 

\ Pat ([ Phone ([ ^--e({0491543545({})}) 1 \ U | 
t= I ^""^ Vl^'''''''' \^\Ce//u/ar({0691543545({})}) j ) ]) \ 
y Henri{{Address{{A5 Emile Caplant Street{{})})}) J 



Pat/\^enri 

Phone I I Address 

Cellular Ah omtt 45 Emile Caplant Street 

0691543545 [ [ 0491543545 

A path is a sequence of names, e is the empty path and p.p' is the 
concatenation of paths p and p'. The set of paths is written V. The 
projection of tree t along a path p, written t\^, is defined by t\^ = t 
and p = ^|n| , n ^ E,p ^ V. We write pi <p2, when a path pi is a 
prefix of another path p2. 

The operations that we consider are: 

— Add{p, n) : Add a edge labeled n at end of path p. 

Add{n'.p,n){{ni{ti), ...,nq{tg)}) = 

{ni{ti),...,ng{tg),n'{Add{p,n) {{}))} if n' ^ Dom{t) 
Add{ni.p,n){{ni{ti), ...,ni{ti), ...,n,(tg)}) = 

{ni(ti), ...,ni(Ac?c?(p,n)(ti)), ...,nq(t,)} 
Add{e,n){t) = t, ii n e Dom{t) 

Add{e,n){{ni{ti),...,ng{tg)}) = {ni{ti), ...,ng{tg),n{{})} 
Example : t' = Add{Henri. Phone, 0491835469) (t) 

Pat y^^^enri 

Phone I Phone/ \ Address 
Cellular Ah omdo49il45Emi/eC'ap/antS'treet 

06915435451 ] 0491543545 

Add{Henri, Phone) {t') = t' since Henri. Phone already exists. 

— Nop{) : Do nothing. Nop{){t) = t 

— Deli{p,n): Replace a edge labeled n at end of path p by the set 
of its successors. 

Deli{n'.p, n){t) = t, if n ^ Dom{t) 
Deli{ni.p,n){{ni{ti), ...,ni(ti), ...,ng(tg)}) = 

{ni(ti), ...,ni{Deli{p,n){ti)), ...,ng{tg)} 
Deli{e,n){t) =t,iin^ Dom(t) 

Deli{e, ni){{ni{ti), ...,ni{ti), ...,ng{tg)}) = {ni{ti), ng{tg)} © ti 



4 Negative Results for Words and Trees 



The Word Case. Imine's work [2|3] contains counter-examples for 
the convergence property for the algorithms presented in p^fTDH] 
and discusses this issue. He defines a weaker property TP2' which 
requires the identity on states instead of operations. Then he gives an 
algorithm ensuring convergence relying on TP2' but this algorithm 
needs the reordering of histories. Therefore, we can state: 

Proposition 1 No transformation IT for words described in 

the literature satisfies TPl and TP2. 

Unordered Unranked Trees. Let Op = {NopQ, Add{p,n), Deli{p,n)} 
p E V,n E E. We say that an operation op{xi, . . . ,Xn) is defined 
from Op iff op{xi, . . . , x„) is some element of Exp according to the 
grammar: 

Exp ::= op{yi, . . . ,yp) \ if Cond then Exp else Exp2 fi op G Op 
Cond ::= X txi y \ Cond A Cond \ ^Cond 

where [xi denotes = or <, x, y are variables or expressions p.n. This 
grammar capture the natural definitions of any operation on trees 
from the basic operations of Op excepting iteration and recursion 
which are out of scope in our framework. 

Theorem 2. There is no definition of IT{opi,op2) from Op such 
that IT satisfies TPl. 

We can restore TPl and TP2 using a stronger notion of deletion 
(See Appendix 18.31) . Let Del2 be the operation deleting the entire 
subtree and let Op' = {Nop{), Add{p, n), De^ip, n)} p E V,n E S. 

Theorem 3. There is a IT for Op' that satisfies TPl and TP2. 

5 Unordered Unranked Trees Revisited 

In collaborative edition each site is identified by its number and 
numbers the operations that it performs. This ordering is linear and 
unambiguous. When a tree is constructed from the empty tree, one 



can uniquely label each edge by the site number and the number- 
ing of the operation that has created this edge. Since we can also 
add labels like those of XML-documents, we have a data structure 
that corresponds to unordered XML documents where the edges are 
labeled by an item occurring once in the tree. 

5.1 The Data Structure 

A identifier is either one of the reserved names doc (for document) or 
mem (for memory) or a pair of natural numbers (site, nbop) where 
the site denotes a site number and nbop denotes an operation num- 
ber. ID denotes the set of identifiers. A label / is an element of a set 
of labels L (for instance section, paragraph,. . .). 

We consider trees defined as in section [3] on the set of names 
A/" = L X ID assuming that each identifier occurs once in the tree. 

r::={} I {{k,zd,){T),...,{l^,tdm){T)} 

where each irfj's occurs once in the whole tree. 
Example 2. 

^ ^ I {Pat, 1; 1) Q {Phone, 2; 1) Q ^^^j^^J^^:^ 5!iy({(0691543545! g! 1K{})}) }y 
[ {Henri, 2;2){{{Address,3;2){{{'i5 Emile Caplant Street, 4,; 2)({})})}) 

From now on, © denotes the union of multisets. Actually, we use this 
operation only for disjoint sets, computing a set (not a multiset). We 
define two projection operations: 

The projection t\.^ oit in id is defined by {}|^ = {} 

{{k,idi){ti), {li,idi){ti), {lm,idm){tm)}\.^ = ti 

{(/l,idi)(ti), {lm,idm){tm)}\^^ = © ••• © ^m|,d 

and the second projection is defined by {}|-.^ = {} and 
{(/i, idi){ti), {k, idi){ti), {Im, idm)itm)}^^^^ = {{h, idi){ti)} 

{(/l,irfl)(tl),..., {lm,idm){tm)}l^^ = {t^^^, . . t^^^J 

Example 3. Let t be as above, then: 

t|3^, = {(0491543545,4; !)({})} 

tpa^, = {(ifome, 3; 1)({(0491543545, 4; 1)({})})} 

Each tree can be transformed into an (unordered) XML tree by 
the tree morphism defined by v^({}) = {} and 

9?({(/l,i(il)(ti), . . . , {lm,idm){tm)]) = {{h){(p{ti)) , {lm){'^{tm))} 




5.2 Gluing Memory and Tree in a Single Tree 



As already mentioned, the collaborative object that we use consists 
in two parts: one is a tree that represents the document that we edit 
and the other one is a memory where we keep some previous parts of 
the document that have been erased. The memory is needed because 
solving conflicts may require to fetch parts of the trees in the memory 
to update the document part (this comes from the move operation 
Mv). To get a uniform deflnition for operations, we represent the 
memory and the document in a single tree, so-called well-formed tree. 
A well-formed tree is a tree of the form {(_L, data){td), (J-, mem){tm)} 
where _L is some new label. 

The Set of Operations Op. Firstly, we deflne two auxiliary functions: 

— Erase{id,t) deletes the node having identifier id in t. 

Erase{id, {}) = {} 

Erase{id, {{h,idi)(ti), {lg,idg){tq)}) = 

{{li,idi){Erase{id, ti)), {Ig, idg){Erase{id, tg))} 
Erase{id, {(/i, ic?i)(ti), {hd,id){tid), {lg,idq){tg)}) = 

{{k,idi){ti), {li_i,idi_i){ti_i, {li+i,idi+i){ti+i), {lg,idg){t 

— AddTree{id, s, t) adds s under identifier id in t (performing union 
of s and of the subterm in t). 

AddTree{idp,t',{}) = {} 

AddTree{idp,t', {{li,idi){ti), {lg,idg){tg)}) = 

{{li, idi){AddTree{idp, t', ti)), {Ig, idg){AddTree{idp, f, tg))} 

AddTree{id,t', {{li,idi)(ti), {lid,id){tid), {lg,idq)(tg)}) = 
{{li,idi)(ti), {lid,id)(tid © t'), {lg,idg)(tg)} 

Let Op = {Add{idp, n, id), Del{id), Mv{id, idp), Ren{id, n), Nop{)}, 
where id G ID \ {data, mem}, idp G ID,n G 17 be the new set of 
operations. 

— Add{idp, id): Add a edge labeled noValue with identifier id under 
a node whose identifier is idp. 

Add{idp,id){t) = AddTree{idp, {{id, NoValue){{})},t) 



— Del{id): Delete a node id and store deleted subtree in memory. 

Del{id)(t) = AddTree{mem,t\-^^ Erase{id^t)) 

— Mv{id,idp): Move node id under node idp 

Mv{id,idp){t) = AddTree{idp,t^.^, Erase{id,t)) 

— Ren{id,n): Change label of node id 

Ren{idJ){{}) = {} 

Ren{id, idi){ti), idg){tg)}) = 

{ {h , idi){Ren{id, l){ti)), {lg,idg) {Ren{id, I) {tg))} 

Ren{id,l){{{li,idi)(ti), {n',id)(ti), {lq,idq)(tg)}) = 
{{h,idi)(ti), {n,id)(ti), ...{lq,idg){tg)} 

— Nop{): Do nothing. Nop{){t) = t 

Besides basic operations for adding and deleting edges, we add two 
useful operations, one for renaming labels (change a \section to 
a \subsection for instance) and another one for moving parts of 
a tree (let's move the \theorem before the \corollary for instance). 
This last operation is the reason why we need a memory part in the 
tree. 

Proposition 2. Let t he a well-formed tree, let op G Op, then op{t) 
is a well-formed tree. 

Remark 1. By definition an identifier id is created once since it 
is equal to {site, nbop) where site is the number of the site which 
has created it and nbop is the numbering of the creation operation. 
Therefore if the edge corresponding to this identifier is created, and 
deleted later on, it cannot be re-created (since the numbering or 
the site number is different). An edge can be created at the "same" 
plac^, but with a different identifier. 

5.3 The IT Transformation 

Theorem 4. The transformation IT defined in figure U\ satisfies 
TPl and TP2. 

Proof. The proof relies on a highly combinatorial case analysis and 
was double checked using the Vote tool [2]. 

^ we use the intuitive notion of same here 



IT{Add(idp, id), Add{id'p, id')) = Add{idp,id), 

( NopQ if id = id' 

IT(Add(idp,id),Del{id')) = I Add{mem,id) if idp = id' 

yAdd{idp,id) otherwise 

IT{Del(id),Add{id'p,id')) = Del{id) 

IT{Dellid),Del[id')) = Del{id) 

TrrfTD ^-j ; ^ D fj 1 w I Nop{) if S2 < si Mdi = id2 
IT{Ren{^d„h),Reni^d2,h)) - [^,^(^,^,,1,) otherw^se. 

IT{Ren{idi, h), op) = Ren{idi, h) if op 7^ Ren 
IT{op, Ren{idi, h)) = op if op ^ Ren 

IT{Mv{^d,Mv\Mv{^d2M,)) = | Mv{id,M,) otherw^se 

!Mv{idi, mem) if idp = id' 
NopQ if idi = id' 
Mv{idi,idp) otherwise 
IT{Mv{idi,id2),op) = Mv{idi,id2) if op / Mv,Del 
IT{op,Mv{idi,id2)) = op if op / Mv 
ItIopi,NopO) = opi 
IT{Nop{),op2) ^Nop{); 

where idp, id'p G ID, id £ ID \ {data, mem}. 

Fig. 1. The Transformation IT 



6 Combining XML-like Trees and Words 

Composition of Trees and Words. Let (T, OpT, Dot) be the collabo- 
rative object obtained from trees and the set of operations defined in 
section |5l Let Dom{t) be the set of identifier occurring in t G T. Let 
Data = {D, Opo, Dod, ) be another collaborative object. We assume 
that do & D is the default initial value for elements of type D. Let 
S : ID — >■ D be a labelling function that associates to each id G ID 
some element d = 5{id) of Data. A labeled tree is a pair t, 5 and 
T[D) denotes the set of labeled trees. For instance the labelling can 
associate to each identifier id a string that can be the information 
stored at the terminal node of the edge labeled by id., we call this 
data structure XML-like trees. 

We define the collaborative object T{Data), the trees parame- 
terized by Data, as follows: 

— The set of states is T{D), 

— The set Op of operations is composed of opid for id G ID, opid G 
OpD-i and op where op G Opx- 



— The Do function is defined by 

Do{(t,S),opid) = (t,S') where the labelhng 6 is identical to S 
except that 6'{id) = op{6{id)). 

Do{(t,6),op) = it',6') where t' = Do{t,op) and S' is identical 
to 6 except that 6{id) = do (the default value of D) if id is an 
identifier not occurring in t. 

Composition of Convergent Algorithms. Let At be a convergent col- 
laborative editing algorithm for T defined by Suvt, TZcqt, ^'^^-vT' 
and let let be a convergent collaborative editing algorithm for 
Data defined by SnvD,'R-eqD, ?rf^.</?f , ipf.lrf. We define a collab- 
orative editing algorithm for T{D) by composing both algorithm 
in a product-like way. Environments have the form {Et, Ed) where 
Et G SnvT and Ed is a partial function ID — >■ Euvd- The function 
is defined for id G Dom{s) where s G Et is the state of the collab- 
orative object. Similarly requests have the form (r^, -L) or (±,r£)) 
where _L stands for undefined, tt G TZcqt and td is a. pair {id,r) 
with id G ID, r G TZeqD- The set of environment is denoted by Snv, 
the set of requests is denoted by IZeq. The composition is defined by 

— Local computation (pi : Op, Snv — ^ Snv where 

(f)i{op, {Et, Ed)) = ^J{op, Et) and n = {rf, ±) if op G OpT 
(f)i{op, {Et,Ed)) = ^f{opid,ED{id)) and n = (±, {id,rf)) 
if op = opid G OpD 

— Computation following external requests 0e : TZeq, Snv Snv 
where (peir^, {Et, Ed)) = '^lir'^, Et) if = {rj, _L) and 

Ur„ {Et, Ed)) = <^f (rf , Ed^) if E = {Et, Ed), r, = (±, (zd, 

The initial state is the empty tree, labeled by do and the current 
state is the tree which is the current state st computed by At and 
for each id G Dom{sT) the labelling is the state computed by Ad- 

Theorem 5. If Ad and At are convergent, then their composition 
is convergent. 

Let XML-like documents be labeled unranked-unordered trees 
decorated with strings. Since convergent algorithms for words exist 
(more complex than algorithms using IT, see [5|2] for instance) and 
since the transformation IT of section [S] is TPl and TP2, we have: 

Theorem 6. There exists a convergent editing algorithm for XML- 
like documents. 



7 Algorithm and Implementation 



The algorithm follows the lines given at section 12.31 It is similar 
to [IDE!, but we replace the explicit vector dependency by sending 
the set of (minimal dependencies) of the operation sent by the site. 
This amounts to giving an slightly modified version of the translate 
function that computes the integration of an operation with respect 
to a set of dependencies. Therefore the set of sites is not fixed in 
advance and can evolve during the editing process. As mentioned in 
[7], the correctness of this algorithm relies on the partial ordering 
structure underlying the set of requests. 

The implementation has been done in Java and performs well in 
practice. Examining random execution of the algorithm shows that 
most of the computations are implicitly independent: operations on 
nodes of distinct identifiers don't interfere. The operations that may 
cause actual conflicts are renaming of labels (on the same identifier). 
In many other cases, the integration IT{op, op') returns op. 

We plan to investigate further the algorithm and its properties to 
give theoretical bases for a set of optimizations that can improve its 
efficiency. For instance, we have proved that integrating an operation 
with pairwise disjoint operations always return the same operation, 
therefore some memoization techniques could be used to save com- 
putation time. 

8 Conclusion 

We have proposed a first approach to deal with XML-like trees in a 
P2P Collaborative Editing framework using a rich set of operations 
and a transformation enjoying the key properties to ensure conver- 
gence (when none of existing algorithms for words achieve this goal). 
We are currently investigating several issues. The first one is to deal 
with ordered unranked trees but, since this case contains the word 
case, the problem is hard and the existence of a simple integration 
transformation is still pending. Another issue is to deal with typing 
issues, where the relevant notion of type is regular tree languages 
for unordered-unranked tree languages (that generalizes DTD and 
XML-Schemas to this data-structure) like in [T]. The first results 
in this direction shows that requiring to use transformations that 



respect types strongly restrict the class of well-typed trees. Finally, 
trees have a structure which is inherently concurrent (branches are 
independent up to their common root) and can be exploited to im- 
prove the computational aspects of our algorithm. 
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Appendix 

8.1 Proof of Theorem d 

iiiiiii main.tex 

Proof. The proof is by induction on n. 

— Base case n = 1. The resuh is obvious (the only substitution is 
the identity. 

— Inductive step. We assume that for aU op, opi, . . . , op„_i, a per- 
mutation of {1, . . . , n — 1} we have IT* {op, [opi, . . . , op„_i]) = 
IT* {op, [op„(i), op^(„_i)]). 

Let op, opi, . . . , opn G Op and let a be a permutation of {1, . . . , n}. 
We distinguish several cases: 

• o"(n) = n. Then a is a permutation of {1, . . . , n — 1}. 

IT*{op, [op^(i), . . . , op<x(n)]) = IT*{op, [op^(i), . . . , op^(„_i), op„]) 

= IT{IT*{op, [op^(i), . . . , op<^(„_i)]), 

IT*{0Pn, [0Pa{l), . . . , Op^(„_i)]) 

= IT {IT* {op, [opal, OPn-l]), 

IT*{0Pn, [opi, . . . ,Op„_i])) 

{by induction hypothesis) 

= IT* {op, [opi,..., OPn^l, OPn]) 

• a exchanges n and n — 1 and a{i) = i for i ^ n,n — 1. 

IT*{op, [op^{l), Op^^n)]) = IT*{op, [opi, OPn-2, OPn, OPn-l]) 

= IT{IT*{op, [opi, OPn-2, OPn]), 

IT*{0Pn-l, [opi,..., OPn-2, OPn])) 

= IT{IT {IT*{op, [opi,...,opn-2]), 

IT*{opn, [opi, . . .,0Pn-2])), 

IT {IT*{opn-i, [opi, opn-2]), 

IT*{oprr, [opi, . . .,0Pn-2]))) 

= IT{IT{op, opi), IT{op2, opi) 

= IT{IT{op, 0P2), IT{opi, 0P2) {by TP2) 

= IT{IT{IT*{op, [opr,...,opn-2]). 

IT*{0Pn-U [opi, . . . , OPn-2])), 
IT{IT*{0Pn, [opi,..., 0Pn-2\), 

IT*{0Pn^l, [opi,..., OPn-2])))) 
= IT*{op, [opi, Op„_2, Op„_l, OPn]) 



• (j{n) n,n — 1. Then a can be composed as three substitu- 
tions (Ti, (72, (T3: 

(Ji exchanges n — 1 and cr{n) and leave other element un- 
changed (hence o"i(n) = n since cr{n) n). Oi exchanges n — \ 
and n. (Jj,{n) = n and a-^ is such that a{i) = cr3(cr2(cri(i))). 
By the first case 

IT* {op, [opi, . . . , opn]) = IT* {op, [op^,(i), op^i(„)]) 

By the second case 

IT*{op, [op^i(i), . . . , op^,(„)]) = IT*{op, [op^2{a,(i)), op^2(^i(„,))]) 
By the first case again 

IT* {op, [op^2(^2(ai (1)) ) • • • ; OpCT2((Ti(n ))]) = IT*{op, [0^^3(^2(^2(^1(1))), • • • , OPa3(a2(ai(n)))]) 

Therefore 

IT* {op, [opi,..., opn]) = IT* {op, [op^(i), . . . , Op^(„)]) 
Proposition 3. 
Proo/. 

8.2 Proof of Theorem [2] 

======= We prove that no IT exists for our first set of operations 

on trees. IIUIU 1.3 

Proof. We assume that TPl holds and we prove that IT{opi, 0P2) 
can't be defined on an operation of Op. Let ti = opi{t), ^2 = 
0P2{t),t[ = op'2{ti) with op'2 = IT{op2,opi), t'2 = op[{t2) with op[ = 
IT{opi,op2). We assume that IT{opi,op2) is another operation of 
Op. The extension to a boolean combination of operation is straight- 
forward. 

— op'2 = Nop{) 

• op[ = Nop{) : Trivial because ti 7^ ^2 

• op\ = Add{_, _) 

Then there is at least one more edge on 



op[ = Del{x, y) we get 



n 

(x = n,y = r)ori^ = e,y = = e,y = m) 

Any possible operation leaves t2 unchanged. 

In all case t[ ^ t'2 
op'2 = Add{_, _) 

• op[ = Nop{) 

We have r under m on ti and under n on tg- 

• op[ = Add{-, _) 

The number of edges on t[ and on are different. 

• op[ = Del{-, _) same case 
op'2 = Del{_, _) 

t'^ = m I or r I or we return on Nop{) case. 

• op'i = NopO : The number of nodes are different, therefore 
t[ + t'2 

• op'^ = Add{-, _) idem 

• op'^ = Del{_, _) idem 



□ 



8.3 A Stronger Deletion ensures TPl, TP2 for trees 

The New Set of Operations and IT. Let us define a new deletion 
operation. 

Dehip, ^) '■ Delete the subtree accessed from the edge labeled by 
n at the end of path p. 

Del2{n' .p,n)(t) = t, if n ^ Dom{t) 
Del2{ni.p,n){{ni{ti), ...,ni{ti), ...,nq{tq)}) = 

{ni(ti), ...,ni{Del2{p,n)(ti)), ...,ng(tq)} 
Del2{e,n){t) = t, ii n ^ Dom(t) 

Del2{e,ni){{ni(ti), ...,ni(ti), ...,ng(tg)}) = {ni(ti), ...,nq(tg)} 



Let Op be the set of operations {Nop{), Add{p,n), Del2{p,n)} 
p & V,n E S and let IT be defined by: 
The IT function is defined by: 



' IT{Add{p, n), Add{p\ n')) = Add{p, n), 

{NopO, lip = p' /\n = n' 
Nop{), iip'.n'<p 
Add{p, n), else. 



Proof of TPl and TP2 with Strong Deletion 
Theorem 7. IT satisfies TPl and TP2. 

Proving TPl Wopi, op2 G Op, s G State, 
{t)[opi;IT{op2,opi)] = {t)[op2;IT{opi,op2)] 

We perform analysis on opi and op2 : 

1. opi = Add{p,n) and op2 = Add{p',n') 
(t) [Add{p, n) ; IT{Add{p', n'), Add{p, n))] = 
\t) [Add\p, n);Add{p',n')] 

(t) [Add{p', n') ; IT{Add{p, n) , Add{p', n'))] = 
lt)[Add{p',n');Add{p, n)] 
We prove : 

Do{Do{t,Add{p,n)),Add{p',n')) = 
Do{Do{t, Add{p', n')), Add{p, n)). 

We perform an induction on path length. 

(a) Empty path : 

— If n, n' ^ Dom{t) and n ^ n' 



Add{e, n'){Add{e, n)({ni(Ti), n,(T,)})) 
= {ni(Ti),...,n,(T,),n({}),n'({})} 



= < 



IT{Del{p, n),Add{p',n')) 



Del{p, n) 




Add{e, n'){Add{e, n)({ni(Ti), n,(T,)})) 
= {n,{T,),...,n,{T,),n'{{}),n{{})} 
which are equaL 

— li n = n' 

We obtain : = {ni(Ti), ...,nq{Tg),n{{})} 

Because we use the third choice of function Add{e, n) (t) 

and first operation add n({}). 

— If n G Dom(t) 

We have {ni(Ti), ...,ng(Tg),n'{{})} Third we use the sec- 
ond case of definition 

— idem if n' G Dom{t) with n. 

— If n, n' G Dom{t) the tree is unchanged. 

(b) if p.n<p' : 3p",p.n.p" = p if n G dom{p) then Add{p,n) do 
nothing. 

else 

We have 

= {ni(Ti), mi(TO, ...n,(T,)} « = {n,{T,), mi(T;), ...n,(T,), n({})} 
{ni(Ti),...,mi(Ti'),...n,(T,),n(Acici(p",n')({})} 

By definition : 

Add{p',n'){t) = {ni(Ti ),..., mi (TO,..., 

nq(Tq,n{Add{p" ,n'){{})} therefor n G dom(t\^) and Add{p,n) 
do nothing. 

so (2) = {ni(Ti),...,mi(T/),...n,(T,),n(Adci(p",n')({})} 

(c) idem for p'.n' <p 

(d) ii p<p' We have : p' = p.mi.pi 

We have tj^^ = {ni(Ti), ...,mi(Tj'), rag_i(Tq_i)} 

Two cases occurs, by recurrence definition : 

t'\^ = 

{ni(Ti),...,mi(Arfrf(p;,n')(T{)),...,n,_i(r,_i),n({})} 

(e) idem for p' < p 

(f) p,p' not empty (general case) 3p G P|p = Pcomon-v'i ^-iid 

= Pcomon-P2 We havc two non-empty paths then : 
p'l = nii.p'l and P2 = fn2-P2 

We have 

= {^i(^i), "^ilT^i')) "^2(^2), ...ng_2(Tg_2)} 



We have by definition : 

t'l^ = {miT,),...,m,{Add{p'ln){Ti),... 

, m2, {Add{pl n')(T2)), n,_2(Tg_2)} 

2. opi = Add{p,n) and op2 = Del{p',n') 
it)[Add{p, n); IT{Del{p', n'), Add{p, n))]^^) 
{t)[Dd{p', n');IT{Add{p, n), Del{p', n'))]^^^ 

— p = p' and n = n' 

« = {t)\Add{p,n),Del{p,n)] 
(2) = {t)[Del{p,n-Nop{)] 

• if 77, G Domip) tlien Add{p,n){t) do notfiing. Tlierefore 

(1) ={2) 

• if 7T, ^ Dom{p) then Add{p, n){t) create a node who delete 
by Del{n,p) in '^^^ and Del{n,p) do nothing in 
Therefore =(2) 

— p'.n' < p 

W = (t)[Acici(p,n);De/(p',n')] 
(2) = (t)[De/(y,n');Arop()] 
if p=p'.n'.p" 

We take : = {ni(ri), n'(T), ng_i(Tg„i)} We have : 

= {ni(Ti),...,n'(Arfd(p^n)(T)),...,n,„2(T,_2)} = K(Ti),...,n,_2(T^^^^ 
(2)|, = {ni(T0,...,n,_2(T,_2)} 

— else : same demo of [Tfl 

3. idem for opi = Del{p,n) and op2 = Add{p',n') 

4. opi = Del{p, n) and op2 = Del{p', n') 
{t)[Del{p, n); IT{Del{p', n'), Del{p, n))]^^^ 
{t)[Del{p', n');IT{Del{p, n), Del{p', n'))Y^^ 

— p.n=p'.n' : 

W = {t)[Del{p,n),Nop{)] 
(2) = {t)[Del{p,n),Nop{)] 

— p.n < p' 

We have p'=p.n.p" ; 

We take \ = {ni(Ti), n(T), nq_i(Tg_i)} 
W = {t)[Del{p,n);Nop{)] 
(2) = (t)[DeZ(p',n');£'e/(p,n)] 
«l, = {ni(Ti),...,n,_i(T,_i)} 
first time : Del{p,n){t)^ {ni{Ti), 

n(De/(/,n')(T)),...,n,!i(r,_i)} 
therefore (^^i^ = {ni(Ti), raq_i(Tg_i)} 



— idem for p'.n' < p' 

— else: same [TJ we have two independant subtree. 

5. case Nop() is trivial. □ 

Proving TP2 IT{IT{0p,0pi), IT{0p2,0pi)Y^'^ = 
IT{IT{Op, Op2), IT{Op^, Op2)Y^^ 
We will explore every case : 

— Op = Add{p, n), Opi = Add{pi, ni) and Op2 = Add{p2, 71-2) there- 
fore = Add{p, n) and = Add{p, n) 

— Op = Add{p,n),Opi = Add{pi,ni) and Op2 = Del{j>2,n2) 
IT{IT{Add{p, n), Add{pi, rii)), IT{Del{p2, ns), Add{pi, ni)))(^) 
IT^''\lT{Add{p,n), Dd{p2,n2), 

IT^'^^Addip,, ni), Delip2, na)))^^) 
^^'^ = IT{Add{p,n),Delip2,n2)) 

(2) ^ lT^^)(^lT{Add{j),n),Del{p2,n2)),Add{X,ni)) = IT{Add{p,n), Del{p2,n2)) 
or (2) = IT'^b\lT{Add{p,n),Del{p2,n2)),Nop{)) = 
IT{Add{p, n), Del{p2, 722)) 

Because '-"^ give a Add() or a Nop() the second argument of ^^'^ is 
a Add or a Nop. 

— Idem for Op = Add{p, n), Opi = Del{pi, ni) and Op2 = Add{p2, n2) 

— Op = Add{p,n),Opi = Del{pi,ni) and Op2 = Del{p2,n2) 
IT{IT{Add{p, n), De/(pi, ni)), IT{Del{p2, ^2), /^e/(pi, ni)))(i) 
IT{IT{Add{p, n), De/(p2, ^2)), IT{Del{pi, rii), De/(p2, n2)))(2) 

• If pi = P2 and rii = 77,2 

(1) = IT{IT{Add{p,n),Del{pi,ni)),NopO) 

(2) = ITllT{Add{p,n),Del{pi,ni)),Nop{)) 

• If p2-n2<pi 

(1) = IT{IT{Add{p,n),Del{puni)),Dd{p2,n2))) 
because pi.ni 7^ P2-''T'2 

(2) = IT{IT{Add{p,n), Del{p2,n2)), Nop{)) 
* iip2-n2 <p 

(1) = IT{IT{Add{p,n),Del{pi,n^)),Del{p2,n2))) 

(2) = iVopO 

• if pi.ni < p 

(1) = ATopO 

(2) = Nopi) 
■ else : 

« = IT{Add{p,n),Del{p2,n2)) = Nopi) 
(2) = ATopO 



* idem for pi.rii <p 

* else : 

(1) = IT{Add{p,n), Del{p2,n2)) = Add{p,n) because 
P2.n2 ^pApi.ni ^p 

(2) = IT{IT{Add{p,n),Del{p2,n2)),NopO)) =« 

• idem if pi.rii <p2 

• Else : 

« = IT{IT{Add{p,n),Delip,,n,)),Del{p2,n2))) 
(2) = IT{IT{Add{p,n),Dd{p2,n2)),Del{p,,n^))) 

* if p = pi A n = rii 

(1) = IT{Nop{),Del{p2,n2))) = Nop{) 

(2) = IT{IT{Add{p^,n{),Del{p2,n2)),Del{p^,n^))) 
By hypothese : 

(2) = IT{Add{pi,ni), Delipum))) = NopQ 

* idem if p = p2 A n = n2 

* ifpi.ni<p(i) = IT{Nop{),Del{p2,n2))) 

(2) = IT{IT{Add{p,n),Del{p2,n2)),Dd{p,,n,))) 

We have p2 7^ P V ^2 7^ n and p2-n2 fap because 
P2.n2 <p Api.rii <p =^ pi.ni <p2-n2 M P2-n2 <pi.ni 
(2) = IT{Add{p,n),Del{pi,ni))) = Nop{) =(^) 

* idem if p2-n2 <p 

* else : 

(1) = IT{Add{p,n)) 

(2) = IT{Add{p,n)) 

— Trivial for Op = Del{p, n), Opi = Add{pi, rii) and Op2 = Add{p2, n2) 

— if Op = Del{p,n),Opi = Del{pi,ni) and Op2 = Add{p2,n2) 

= IT{IT{Del{p,n),Del{pi,ni)), 
IT{Add{p2, ^2), Del{pi, rii)) 

(1) = IT{Del{p,n), Del{pi,ni)) because the first argument will 
be a 'DeV and the second will be a 'Add\ 

(2) = IT{IT{Dd{p,n),Add{p2,n2)), 
IT{Del{pi, rii), Add{p2, ^2)) 

(2) = IT{Del{p,n),Dell{pi,ni)) 

— idem for Op = Del{p, n), Opi = Add{pi, rii) and Op2 = Del{j>2, ^2) 

— if Op = Del{p, n), Opi = Del{pi, rii) and Op2 = Del{p2, ^2) 



— Trivial If Op = Nop{) 

— if Op = X{n,p), Opi = NopO and Op2 = X'{n2,P2) 
« = IT{IT{X{p,n),Nop()),IT{X'{p2,n2),Nop{)) 
= IT{X{p,n),X'{p2,n2)) 

(2) = IT{IT{X{p,n),X'{p2,n2)),IT{NopO,X'{p2,n2)) 
= IT{X{p,n),X'{p2,n2)) 

— idem Op = X{n,p),Opi = X{pi,ni) and Op2 = Nop{) 

— Trivial, if Op = X{n,p), Opi = Nop{) and Op2 = Nop{) 

□ 

8.4 Proof of Theorem [4] 

The proof is similar to the previous proof and has been checked by 
Vote using the following specification: 

"/oVOTE file for proving TP1/TP2 on XML like trees 

type node (mem , data) , Ibl (novalue) , nat ; 
observator 

"/otest node existence 

bool exist (node); 
"/orelation between son and father 

bool childof (node , node); 
y„returns the label of a node 

Ibl getLbl (node) ; 
auxiliary 

"/oreturns tree if there is a path between nodes 
bool childof p (node , node); 

operation 

/dadd a node n, if it doesn't exists, 
"/oit becomes a son of p that must exist 
not (exist (n) ) and exist(p) and (n!=mem) and (n!=data) : Add(node p.node n) ; 

"/odelete an existing node that must be different 
"/ofrom the two initial nodes mem and data 
exist (n) and (n!=mem) and (n!=data) : Del (node n) ; 



°/oSite t moves node n under node p if n exists and is different 
"/ofrom mem and data 

exist (n) and exist (p) and (n!=mem) and (n!=data) and (n != p): Move (node n, nc 

°/oSite t renames a node n with label 1 if n exists and is 
^different from mem and data 
exist(n) and (n!=mem) and (n!=data): Ren(node n,lbl l,nat t) ; 

transform 

"/odefinition of the IT transformation 

T(Add(pl,nl) ,Del(n2)) = if (pl==n2) then 
return Add (mem, nl) 
else 

return Add(pl, nl) 
endif ; 

T(Ren(nl,ll,sl) , Del(n2)) = if (nl==n2) then 

return nop 

else 

return Ren (nl, 11, si) 
endif ; 

T(Ren(nl,ll,sl) ,Ren(n2,12,s2))= if (nl==n2 and si > s2) then 

return nop 

else 

return Ren(nl , 11 , si) 
endif ; 

T(Move(nl,pl,sl) ,Move(n2,p2,s2)) = if (nl==n2 and si > s2) then 

return nop 

else 

return Move(nl,pl,sl) 
endif ; 

T(Move(nl,pl,sl) ,Del(n2)) = if(nl==n2) then 
return nop 

elseif (pi == n2) then 
return Move(nl ,mem, si) 
else 

return Move (nl, pi, si) 



endif ; 
definition 

exist ' (nl)/Add(p2,n2) = if (nl == n2) then return true 

elseif (nl==mem or nl==data) then 

return true 

else return exist (nl) 

endif ; 

exist' (nl) /Del (n2) = if (nl==meni or nl==data) then 
return true 

elseif (nl == n2) then return false 

else return exist (nl) 
endif ; 

childof ' (nl,pl)/Add(p2,n2) = if (nl == n2 and p2==pl) then return true 
else return childof (nl ,pl) 
endif ; 

childof Hnl,pl)/Del(n2) = if (n2 == nl) then 

return false 

elseif (n2==pl) then 

return false 

elseif (pl==mem and childof (nl ,n2) ) then 
return true 
else 

return childof (nl , pi) 
endif ; 

childof ' (nl,pl)/Move(n2,p2, si) = if(nl == n2 and pl==p2) then 
return true 

elseif (nl==n2 and pl!=p2) then 

return false 

else 

return childof (nl , pi) 
endif ; 

getLbl' (nl)/Add(p2,n2) = if (nl==n2) then return novalue 
else 

return getLbl(nl) 
endif ; 

getLbl' (nl)/Del(n2) = if (n2 == nl) then return novalue 
else 



return getLbl(nl) 
endif ; 

getLbinnl)/Ren(n2,12,s2) =if (nl==n2) then 
return 12 
else 

return getLbl(nl) 

endif ; 

lemma 

y„basic lemmas needed for the proof 

°/oall trees have node meme and data 
=>exist (mem) ; 
=>exist(data) ; 

"/oassume no auto-concurrency 

sl>=s2 and s2>=sl =>; 

not( sl>s2) and not(s2>sl) =>; 

"/oAxioms for trees 

childof(x,y) and childof(x,z) and (z!=y) =>; 
childofp(x,y) and childofpCy ,z)=>childofp(x,z) ; 
childof (x,y)=> childof p(x,y) ; 
childof p (x , x) => ; 

The output of Vote is: 

Elapsed time: -704.857296 s 

Global statistics of the main successful operations 



contextual_rewriting 

equational_rewriting 

conditional_rewriting 

partial_case_rewriting 

total_case_rewriting 

induction 

subsumption 

tautology 



of tries. 
of tries. 
334 of 85455 tries. 
of tries. 
675 of 675 tries. 
of tries. 
165 of 63888 tries. 
71 of 245580 tries. 



Total clauses: 30428 



Max depth : 1 

All sets of conjectures were successfully processed 

8.5 Proof of Theorem [5] 

We give the proof of the combination theorem. 

Proof. Given a sequence of computations Camp i.e. a sequence of 
expressions (j)i{E).\ri or re.4>e{E) respecting causahty, we extract 
CompT and Compid the respective computations of At and Ad for 

nT{M{ET,En)).\ri) = ^J{Et).\tJ if = (rf , ±) 
n^diMiEr, ED)).\ri) = i^f{ED{id)).\r^ if n = (±, K rf)) 
i7T(?re.0e((^T,^D)) =lrl.vJ{ET) if = (rj, ±) 
nu{Jr,4,{{ET. Ed)) =lr^ .^^ {ED^id)) if = (±, {id, rf )) 
and for all other cases i7r(. • •) = • •) = where is the null pro- 
cess that does nothing. By construction CompT respects the causal- 
ity relations restricted to the operations of OpT- The same holds 
for Compifi. the causality relation (but the reverse doesn't neces- 
sarily holds). Therefore CompT is a legal computation of Ad and 
by the convergence of Ad each site has he same state st- For each 
id e Doiti^st), the sequence Compid is legal computation of Aid, 
therefore each site has the same state Sid- 



